db

package
v0.0.0-...-03b241a Latest Latest
Warning

This package is not in the latest version of its module.

Published: Aug 25, 2020 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

// ErrAlreadyExists can be returned if the DB attempts to set a key that has
// been previously set.
var ErrAlreadyExists = errors.New("already exists")

ErrAlreadyExists can be returned if the DB attempts to set a key that has been previously set.

// ErrNotImplemented is an error returned when an operation is not implemented.
// NOTE(review): several SimpleDB methods are documented as returning a
// "NotImplemented" error — presumably this value; confirm in source.
var ErrNotImplemented = errors.Errorf("not implemented")

ErrNotImplemented is an error returned when an operation is Not Implemented.

Functions

This section is empty.

Types

type AuthDB

// AuthDB is an interface over an Authority DB client. The per-method notes
// below restate the documentation of the DB implementation of this interface.
//
// NOTE(review): for IsRevoked and IsSSHRevoked a non-nil error means the
// revocation status is unknown; callers should presumably fail closed rather
// than read the accompanying bool as "not revoked" — confirm against callers.
type AuthDB interface {
	// IsRevoked reports whether the certificate identified by sn has been
	// revoked. For an X509 certificate, sn is the certificate's serial number.
	IsRevoked(sn string) (bool, error)
	// IsSSHRevoked reports whether the SSH certificate identified by sn has
	// been revoked.
	IsSSHRevoked(sn string) (bool, error)
	// Revoke adds a certificate to the revocation table.
	Revoke(rci *RevokedCertificateInfo) error
	// RevokeSSH adds an SSH certificate to the revocation table.
	RevokeSSH(rci *RevokedCertificateInfo) error
	// StoreCertificate stores a certificate PEM.
	StoreCertificate(crt *x509.Certificate) error
	// UseToken returns true if the token was stored for the first time and
	// false otherwise.
	// NOTE(review): the bool looks like the signal for rejecting a token that
	// was already used — confirm callers check it before honouring the token.
	UseToken(id, tok string) (bool, error)
	// IsSSHHost reports whether name is present in the ssh hosts table.
	IsSSHHost(name string) (bool, error)
	// StoreSSHCertificate stores an SSH certificate.
	StoreSSHCertificate(crt *ssh.Certificate) error
	// GetSSHHostPrincipals returns a list of all valid host principals.
	GetSSHHostPrincipals() ([]string, error)
	// Shutdown sends a shutdown message to the database.
	Shutdown() error
}

AuthDB is an interface over an Authority DB client that implements a nosql.DB interface.

func New

func New(c *Config) (AuthDB, error)

New returns a new database client that implements the AuthDB interface.

type Config

// Config represents the JSON attributes used for configuring a step-ca DB.
type Config struct {
	// Type presumably selects the database backend — TODO confirm the
	// accepted values in source.
	Type       string `json:"type"`
	// DataSource is presumably the path or connection string of the database.
	// NOTE(review): if it can carry credentials, the file holding this config
	// needs restrictive permissions — confirm.
	DataSource string `json:"dataSource"`
	// ValueDir is optional (omitted from JSON when empty); its meaning is not
	// visible here — presumably a backend-specific directory, confirm.
	ValueDir   string `json:"valueDir,omitempty"`
	// Database is optional (omitted from JSON when empty); presumably the
	// database name for backends that need one — confirm.
	Database   string `json:"database,omitempty"`

	// BadgerFileLoadingMode can be set to 'FileIO' (instead of the default
	// 'MemoryMap') to avoid memory-mapping log files. This can be useful
	// in environments with low RAM.
	BadgerFileLoadingMode string `json:"badgerFileLoadingMode"`
}

Config represents the JSON attributes used for configuring a step-ca DB.

type DB

// DB is a wrapper over the nosql.DB interface.
//
// nosql.DB is embedded, so its methods are promoted onto DB: code holding a
// *DB can call the raw key/value operations directly as well as the
// AuthDB-level methods defined on DB.
type DB struct {
	nosql.DB
	// contains filtered or unexported fields
}

DB is a wrapper over the nosql.DB interface.

func (*DB) GetSSHHostPrincipals

func (db *DB) GetSSHHostPrincipals() ([]string, error)

GetSSHHostPrincipals gets a list of all valid host principals.

func (*DB) IsRevoked

func (db *DB) IsRevoked(sn string) (bool, error)

IsRevoked returns whether or not a certificate with the given identifier has been revoked. In the case of an X509 Certificate the `sn` argument should be the Serial Number of the Certificate.

func (*DB) IsSSHHost

func (db *DB) IsSSHHost(principal string) (bool, error)

IsSSHHost returns if a principal is present in the ssh hosts table.

func (*DB) IsSSHRevoked

func (db *DB) IsSSHRevoked(sn string) (bool, error)

IsSSHRevoked returns whether or not an SSH certificate with the given identifier has been revoked. The identifier is passed as the `sn` argument; in the case of an X509 Certificate the `sn` should be the Serial Number of the Certificate.

func (*DB) Revoke

func (db *DB) Revoke(rci *RevokedCertificateInfo) error

Revoke adds a certificate to the revocation table.

func (*DB) RevokeSSH

func (db *DB) RevokeSSH(rci *RevokedCertificateInfo) error

RevokeSSH adds an SSH certificate to the revocation table.

func (*DB) Shutdown

func (db *DB) Shutdown() error

Shutdown sends a shutdown message to the database.

func (*DB) StoreCertificate

func (db *DB) StoreCertificate(crt *x509.Certificate) error

StoreCertificate stores a certificate PEM.

func (*DB) StoreSSHCertificate

func (db *DB) StoreSSHCertificate(crt *ssh.Certificate) error

StoreSSHCertificate stores an SSH certificate.

func (*DB) UseToken

func (db *DB) UseToken(id, tok string) (bool, error)

UseToken returns true if we were able to successfully store the token for the first time, false otherwise.

type MockAuthDB

// MockAuthDB mocks the AuthDB interface.
//
// Each M-prefixed field is a function hook with the same signature as the
// AuthDB method of the same name.
// NOTE(review): presumably a method calls its hook when one is set and
// otherwise falls back to Ret1/Err — confirm in source.
// NOTE(review): this type is exported from the package itself, so non-test
// code can import it; a mock standing in for the real DB would answer
// revocation and token checks with whatever the hooks return.
type MockAuthDB struct {
	// Err is presumably the default error returned when no hook is set — confirm.
	Err                   error
	// Ret1 is presumably the default return value when no hook is set — confirm.
	Ret1                  interface{}
	MIsRevoked            func(string) (bool, error)
	MIsSSHRevoked         func(string) (bool, error)
	MRevoke               func(rci *RevokedCertificateInfo) error
	MRevokeSSH            func(rci *RevokedCertificateInfo) error
	MStoreCertificate     func(crt *x509.Certificate) error
	MUseToken             func(id, tok string) (bool, error)
	MIsSSHHost            func(principal string) (bool, error)
	MStoreSSHCertificate  func(crt *ssh.Certificate) error
	MGetSSHHostPrincipals func() ([]string, error)
	MShutdown             func() error
}

MockAuthDB mocks the AuthDB interface.

func (*MockAuthDB) GetSSHHostPrincipals

func (m *MockAuthDB) GetSSHHostPrincipals() ([]string, error)

GetSSHHostPrincipals mock.

func (*MockAuthDB) IsRevoked

func (m *MockAuthDB) IsRevoked(sn string) (bool, error)

IsRevoked mock.

func (*MockAuthDB) IsSSHHost

func (m *MockAuthDB) IsSSHHost(principal string) (bool, error)

IsSSHHost mock.

func (*MockAuthDB) IsSSHRevoked

func (m *MockAuthDB) IsSSHRevoked(sn string) (bool, error)

IsSSHRevoked mock.

func (*MockAuthDB) Revoke

func (m *MockAuthDB) Revoke(rci *RevokedCertificateInfo) error

Revoke mock.

func (*MockAuthDB) RevokeSSH

func (m *MockAuthDB) RevokeSSH(rci *RevokedCertificateInfo) error

RevokeSSH mock.

func (*MockAuthDB) Shutdown

func (m *MockAuthDB) Shutdown() error

Shutdown mock.

func (*MockAuthDB) StoreCertificate

func (m *MockAuthDB) StoreCertificate(crt *x509.Certificate) error

StoreCertificate mock.

func (*MockAuthDB) StoreSSHCertificate

func (m *MockAuthDB) StoreSSHCertificate(crt *ssh.Certificate) error

StoreSSHCertificate mock.

func (*MockAuthDB) UseToken

func (m *MockAuthDB) UseToken(id, tok string) (bool, error)

UseToken mock.

type MockNoSQLDB

// MockNoSQLDB is a mock of the NoSQL database methods (Get, Set, Open, Close,
// CreateTable, DeleteTable, Del, List, Update, CmpAndSwap).
//
// Each M-prefixed field is a function hook with the same signature as the
// MockNoSQLDB method of the same name.
// NOTE(review): presumably a method calls its hook when one is set and
// otherwise falls back to Ret1/Ret2/Err — confirm in source.
type MockNoSQLDB struct {
	// Err is presumably the default error returned when no hook is set — confirm.
	Err          error
	// Ret1 and Ret2 are presumably the default return values when no hook is
	// set — confirm.
	Ret1, Ret2   interface{}
	MGet         func(bucket, key []byte) ([]byte, error)
	MSet         func(bucket, key, value []byte) error
	MOpen        func(dataSourceName string, opt ...database.Option) error
	MClose       func() error
	MCreateTable func(bucket []byte) error
	MDeleteTable func(bucket []byte) error
	MDel         func(bucket, key []byte) error
	MList        func(bucket []byte) ([]*database.Entry, error)
	MUpdate      func(tx *database.Tx) error
	MCmpAndSwap  func(bucket, key, old, newval []byte) ([]byte, bool, error)
}

MockNoSQLDB is a mock of the NoSQL database interface.

func (*MockNoSQLDB) Close

func (m *MockNoSQLDB) Close() error

Close mock

func (*MockNoSQLDB) CmpAndSwap

func (m *MockNoSQLDB) CmpAndSwap(bucket, key, old, newval []byte) ([]byte, bool, error)

CmpAndSwap mock

func (*MockNoSQLDB) CreateTable

func (m *MockNoSQLDB) CreateTable(bucket []byte) error

CreateTable mock

func (*MockNoSQLDB) Del

func (m *MockNoSQLDB) Del(bucket, key []byte) error

Del mock

func (*MockNoSQLDB) DeleteTable

func (m *MockNoSQLDB) DeleteTable(bucket []byte) error

DeleteTable mock

func (*MockNoSQLDB) Get

func (m *MockNoSQLDB) Get(bucket, key []byte) ([]byte, error)

Get mock

func (*MockNoSQLDB) List

func (m *MockNoSQLDB) List(bucket []byte) ([]*database.Entry, error)

List mock

func (*MockNoSQLDB) Open

func (m *MockNoSQLDB) Open(dataSourceName string, opt ...database.Option) error

Open mock

func (*MockNoSQLDB) Set

func (m *MockNoSQLDB) Set(bucket, key, value []byte) error

Set mock

func (*MockNoSQLDB) Update

func (m *MockNoSQLDB) Update(tx *database.Tx) error

Update mock

type RevokedCertificateInfo

// RevokedCertificateInfo contains information regarding the certificate
// revocation action. It is the argument of Revoke and RevokeSSH.
type RevokedCertificateInfo struct {
	// Serial identifies the revoked certificate; presumably the same value
	// later passed as sn to IsRevoked/IsSSHRevoked — confirm.
	Serial        string
	// ProvisionerID is presumably the provisioner associated with the
	// revocation request — confirm.
	ProvisionerID string
	// ReasonCode is a numeric revocation reason; presumably the RFC 5280
	// CRLReason code — confirm.
	ReasonCode    int
	// Reason is a textual revocation reason.
	Reason        string
	// RevokedAt is the time of the revocation.
	// NOTE(review): time zone convention is not visible here — confirm.
	RevokedAt     time.Time
	// TokenID is presumably the ID of the token that authorised the
	// revocation — confirm.
	TokenID       string
	// MTLS presumably marks a revocation requested over mutual TLS rather
	// than with a token — confirm.
	MTLS          bool
}

RevokedCertificateInfo contains information regarding the certificate revocation action.

type SimpleDB

// SimpleDB is a barebones implementation of the DB interface. It is NOT an
// in-memory implementation of the DB.
//
// Per the method documentation on this page, Revoke, RevokeSSH,
// StoreCertificate, StoreSSHCertificate, UseToken, IsSSHHost and
// GetSSHHostPrincipals return a "NotImplemented" error, and IsRevoked and
// IsSSHRevoked are no-ops, so this type provides no revocation tracking.
type SimpleDB struct {
	// contains filtered or unexported fields
}

SimpleDB is a barebones implementation of the DB interface. It is NOT an in memory implementation of the DB, but rather the bare minimum of functionality that the CA requires to operate securely.

func (*SimpleDB) Close

func (s *SimpleDB) Close() error

Close closes the current database.

func (*SimpleDB) CmpAndSwap

func (s *SimpleDB) CmpAndSwap(bucket, key, oldValue, newValue []byte) ([]byte, bool, error)

CmpAndSwap swaps the value at the given bucket and key if the current value is equivalent to the oldValue input. Returns 'true' if the swap was successful and 'false' otherwise.

func (*SimpleDB) CreateTable

func (s *SimpleDB) CreateTable(bucket []byte) error

CreateTable creates a table or a bucket in the database.

func (*SimpleDB) Del

func (s *SimpleDB) Del(bucket, key []byte) error

Del deletes the data in the given table/bucket and key.

func (*SimpleDB) DeleteTable

func (s *SimpleDB) DeleteTable(bucket []byte) error

DeleteTable deletes a table or a bucket in the database.

func (*SimpleDB) Get

func (s *SimpleDB) Get(bucket, key []byte) ([]byte, error)

Get returns the value stored in the given table/bucket and key.

func (*SimpleDB) GetSSHHostPrincipals

func (s *SimpleDB) GetSSHHostPrincipals() ([]string, error)

GetSSHHostPrincipals returns a "NotImplemented" error.

func (*SimpleDB) IsRevoked

func (s *SimpleDB) IsRevoked(sn string) (bool, error)

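IsRevoked is a no-op: SimpleDB performs no revocation lookup, so its result should not be relied on as a revocation check.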

func (*SimpleDB) IsSSHHost

func (s *SimpleDB) IsSSHHost(principal string) (bool, error)

IsSSHHost returns a "NotImplemented" error.

func (*SimpleDB) IsSSHRevoked

func (s *SimpleDB) IsSSHRevoked(sn string) (bool, error)

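IsSSHRevoked is a no-op: SimpleDB performs no SSH revocation lookup, so its result should not be relied on as a revocation check.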

func (*SimpleDB) List

func (s *SimpleDB) List(bucket []byte) ([]*database.Entry, error)

List returns a list of all the entries in a given table/bucket.

func (*SimpleDB) Open

func (s *SimpleDB) Open(dataSourceName string, opt ...database.Option) error

Open opens the database available with the given options.

func (*SimpleDB) Revoke

func (s *SimpleDB) Revoke(rci *RevokedCertificateInfo) error

Revoke returns a "NotImplemented" error.

func (*SimpleDB) RevokeSSH

func (s *SimpleDB) RevokeSSH(rci *RevokedCertificateInfo) error

RevokeSSH returns a "NotImplemented" error.

func (*SimpleDB) Set

func (s *SimpleDB) Set(bucket, key, value []byte) error

Set sets the given value in the given table/bucket and key.

func (*SimpleDB) Shutdown

func (s *SimpleDB) Shutdown() error

Shutdown returns nil

func (*SimpleDB) StoreCertificate

func (s *SimpleDB) StoreCertificate(crt *x509.Certificate) error

StoreCertificate returns a "NotImplemented" error.

func (*SimpleDB) StoreSSHCertificate

func (s *SimpleDB) StoreSSHCertificate(crt *ssh.Certificate) error

StoreSSHCertificate returns a "NotImplemented" error.

func (*SimpleDB) Update

func (s *SimpleDB) Update(tx *database.Tx) error

Update performs a transaction with multiple read-write commands.

func (*SimpleDB) UseToken

func (s *SimpleDB) UseToken(id, tok string) (bool, error)

UseToken returns a "NotImplemented" error.
